Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b6409b-1638-4c7a-81f2-94f8fb3009f2/1/5KurNtTZ4N1sP05t2ebE692NCPQ.roa
File: 5KurNtTZ4N1sP05t2ebE692NCPQ.roa (raw, json)
Hash identifier: lXuNJV9EKo+5kksheJK+CXaVRDL8PRToyBfhQpCTxvA=
Subject key identifier: E4:AB:AB:36:D4:D9:E0:DD:6C:3F:4E:6D:D9:E6:C4:EB:DD:8D:08:F4
Certificate issuer: /CN=e8ed602fd0d46d38cde1e732c652ea9958e97691
Certificate serial: 05BA699A
Authority key identifier: E8:ED:60:2F:D0:D4:6D:38:CD:E1:E7:32:C6:52:EA:99:58:E9:76:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6O1gL9DUbTjN4ecyxlLqmVjpdpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/b6409b-1638-4c7a-81f2-94f8fb3009f2/1/5KurNtTZ4N1sP05t2ebE692NCPQ.roa
Signing time: Sat 01 Jan 2022 16:04:02 +0000
ROA not before: Sat 01 Jan 2022 16:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207488
IP address blocks: 2001:678:c10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96102810 (0x5ba699a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8ed602fd0d46d38cde1e732c652ea9958e97691
Validity
Not Before: Jan 1 16:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4abab36d4d9e0dd6c3f4e6dd9e6c4ebdd8d08f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:14:8c:7a:e4:1f:96:13:d2:23:8e:85:f9:3d:
86:68:d4:08:32:de:07:cc:81:91:45:c5:3c:6d:e3:
f5:2a:20:47:09:11:14:b4:e0:90:27:75:17:6b:2c:
ba:c7:43:83:c0:fd:ec:e8:f3:91:11:97:f3:b3:6f:
99:9f:8e:cd:89:dc:8f:ad:6b:c7:73:5e:db:9d:01:
4b:ad:ec:5c:72:28:8d:76:71:f0:4f:57:dc:fb:3c:
cb:ac:e2:5c:00:8f:c4:2f:0e:0e:25:81:55:2e:bb:
7a:27:98:e3:5f:dc:33:77:08:e2:af:da:04:0a:d9:
62:ad:ca:de:87:f2:5f:16:a0:cd:f4:55:f9:d5:00:
f0:ae:04:e2:22:87:15:2b:82:5d:26:df:27:a6:e3:
b8:9a:5b:7e:fc:c6:a7:9a:bf:7a:68:26:f3:d0:3c:
8f:dd:be:80:95:da:06:a2:6e:96:73:e2:34:d5:07:
28:58:d6:a5:dd:34:55:c3:c2:d9:47:af:91:07:f5:
85:30:d6:d2:30:fb:13:e0:57:cd:a6:8a:58:bc:bc:
ff:1d:0e:5a:3c:1a:74:69:41:9f:ef:99:12:8b:cd:
08:04:0a:55:e7:a7:28:7a:06:64:46:15:19:0f:90:
c0:60:a6:ed:aa:fc:1f:b2:47:bd:63:30:22:a1:12:
db:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AB:AB:36:D4:D9:E0:DD:6C:3F:4E:6D:D9:E6:C4:EB:DD:8D:08:F4
X509v3 Authority Key Identifier:
keyid:E8:ED:60:2F:D0:D4:6D:38:CD:E1:E7:32:C6:52:EA:99:58:E9:76:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6O1gL9DUbTjN4ecyxlLqmVjpdpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b6409b-1638-4c7a-81f2-94f8fb3009f2/1/5KurNtTZ4N1sP05t2ebE692NCPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b6409b-1638-4c7a-81f2-94f8fb3009f2/1/6O1gL9DUbTjN4ecyxlLqmVjpdpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c10::/48
Signature Algorithm: sha256WithRSAEncryption
22:45:2b:05:35:72:70:52:6a:21:b6:21:44:f9:94:65:ee:98:
b1:5f:7d:ad:35:4e:4e:39:94:be:30:78:52:d2:e8:1e:6d:f2:
76:50:92:10:ca:f1:ee:12:48:6b:44:98:41:bc:68:be:e4:be:
09:65:75:79:1b:32:39:ed:db:d6:c1:1e:54:69:ea:c2:74:8c:
f5:b3:fb:3e:77:d4:b9:99:8b:2b:db:42:43:27:94:ad:fc:0d:
6b:c5:f2:ce:70:28:f3:55:19:de:44:5e:df:d6:42:3a:25:dd:
0e:f2:4a:29:b8:ad:a5:bd:99:6a:d7:65:1e:53:82:3e:c2:04:
65:24:92:aa:66:43:06:1e:ee:09:56:78:9d:dc:49:15:fb:a5:
71:3d:07:d1:2c:67:fa:ea:1d:64:70:3a:f7:03:2b:05:fc:1d:
b0:9c:70:0b:b9:cc:6d:76:2e:47:53:b6:3c:62:a4:9e:26:7c:
89:3a:3c:6e:88:49:0e:7a:c1:11:01:fc:8a:8b:08:8d:86:03:
0f:9d:9c:08:ef:67:f3:90:8a:3c:d3:1b:02:39:a4:0a:6e:06:
41:da:14:bb:81:f7:73:2c:2d:07:17:ae:f4:41:d5:67:5e:c0:
0a:a7:97:4c:db:5b:b4:04:4b:60:95:d8:7f:7a:eb:ec:8d:c6:
75:09:a0:9a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBbppmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGVkNjAyZmQwZDQ2ZDM4Y2RlMWU3MzJjNjUyZWE5OTU4ZTk3NjkxMB4XDTIyMDEw
MTE2MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRhYmFiMzZkNGQ5
ZTBkZDZjM2Y0ZTZkZDllNmM0ZWJkZDhkMDhmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8UjHrkH5YT0iOOhfk9hmjUCDLeB8yBkUXFPG3j9SogRwkR
FLTgkCd1F2ssusdDg8D97OjzkRGX87NvmZ+OzYncj61rx3Ne250BS63sXHIojXZx
8E9X3Ps8y6ziXACPxC8ODiWBVS67eieY41/cM3cI4q/aBArZYq3K3ofyXxagzfRV
+dUA8K4E4iKHFSuCXSbfJ6bjuJpbfvzGp5q/emgm89A8j92+gJXaBqJulnPiNNUH
KFjWpd00VcPC2UevkQf1hTDW0jD7E+BXzaaKWLy8/x0OWjwadGlBn++ZEovNCAQK
VeenKHoGZEYVGQ+QwGCm7ar8H7JHvWMwIqES2zECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTkq6s21Nng3Ww/Tm3Z5sTr3Y0I9DAfBgNVHSMEGDAWgBTo7WAv0NRtOM3h
5zLGUuqZWOl2kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZPMWdMOURVYlRqTjRlY3l4bExxbVZqcGRwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvYjY0MDliLTE2MzgtNGM3YS04MWYyLTk0ZjhmYjMwMDlmMi8x
LzVLdXJOdFRaNE4xc1AwNXQyZWJFNjkyTkNQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
YjY0MDliLTE2MzgtNGM3YS04MWYyLTk0ZjhmYjMwMDlmMi8xLzZPMWdMOURVYlRq
TjRlY3l4bExxbVZqcGRwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngMEDANBgkqhkiG9w0BAQsF
AAOCAQEAIkUrBTVycFJqIbYhRPmUZe6YsV99rTVOTjmUvjB4UtLoHm3ydlCSEMrx
7hJIa0SYQbxovuS+CWV1eRsyOe3b1sEeVGnqwnSM9bP7PnfUuZmLK9tCQyeUrfwN
a8XyznAo81UZ3kRe39ZCOiXdDvJKKbitpb2ZatdlHlOCPsIEZSSSqmZDBh7uCVZ4
ndxJFfulcT0H0Sxn+uodZHA69wMrBfwdsJxwC7nMbXYuR1O2PGKkniZ8iTo8bohJ
DnrBEQH8iosIjYYDD52cCO9n85CKPNMbAjmkCm4GQdoUu4H3cywtBxeu9EHVZ17A
CqeXTNtbtARLYJXYf3rr7I3GdQmgmg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:08 2023 by rpki-client on console-fra.rpki-client.org